to naxsi-discuss
there had been some buzz about the latest elasticsearch-rce-vuln recently, but all exploits i've seen so far are getting blocked if you run the naxsi_core.rules, with high XSS/SQL-scores due to many brackets, quotes and backslashes.

there exists a signature in the doxi-rules that was designed to detect such kinds of attacks against java-based applications but doesn't work as expected, since the malicious string is not detected within the body; not sure if bug or feature.

on JettyLeak: whoever runs Jetty behind nginx is safe, since nginx itself blocks any such request as malicious, so no naxsi-sig needed. apache btw happily forwards the malicious request.